Archive

Long time no see you…

Hi Folks,

lang time no see ya….

No, it’s not because I upgrade my RapidWeaver blogging software finally, but because of the final steps at work moving to another building which now lasted almost one and a half years. Those last weeks in april and may I had to work all the weekends and some nightshift, that’s why the blog lost my attention.
Quite like my wife’s blog which is also unmaintained since she is just finishing her studies now. But the good thing is, that I have lots of content in the back which I just noted down from time to time and which is just waiting to be published.
?
Ahhh, forgot one more bad thing for you guys, I’ll be on holiday next week, so don’t expect too much activity soon.
Further I want to redesign the blog content (without killing the permalinks) to be more informative, such as writing in german and english since my readers are germans, most of them. And I also want to start a new blog category about architecture which is one of my hobbies. Although I’m not sure yet how to bundle all these different contents into one blog, I hope you’ll soon be able to enjoy the first articles.

For the RapidWeaver Upgrade itself I must say, I’ve got absolutely no idea why I spent the money for the upgrade since I can’t see any difference yet. Hopefully I’ll discover some new features in the future, and don’t experience one or more of the known/unknown bugs. At least my old content and layout loaded without warnings.

Let’s see if everything breaks when I press publish…..

…yours Kobaan. I’m back.

Archive, Hardware

First internet router in space

NASA is launching its first internet
router to be placed in earth orbit.
Thus internet network routing is not anymore limited to undersea
fiber optic cables, direct copper links or low range wireless
communication.
On the other side, this way it is no longer possible for “friendly”
states to eavesdrop communication on ground based
wires/fibers.
Fibertapping is already as easy and unnoticeable as traditional
wiretapping. Ultra broadband uplink interception, is something
completely
different.
The next stage will probably be routing from satellite to
satellite, and once this is done, USA is the only party having
complete control over global internet communication.
spacerouterAh, I forgot to mention chinas newest ability to destroy satellites
within 30 minutes by ballistic missiles if needed.
Lets call that, stalematt.

Archive, Security

GPG Expired Keys Cleanup – Howto

A lot of people leave their “expired”
public keys on the public key servers forever.
They even keep expired secret keys in their keys, or worst, they
delete expired secret keys from their keyring before revoking
according public keys and publishing this revokation to th key
servers.So did I….

…so, the correct way to take care of your keys is:

List your secret keys:

kobaans-computer:~ kobaan$
gpg –list-secret-keys
/Users/kobaan/.gnupg/secring.gpg
———————————
sec 1024D/9DC0387E 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara (privat)
ssb 2048g/E5122423 2006-02-21

sec 1024D/F373037D 2006-02-21 [expires: 2007-02-21]
uid Andreas Kobara
ssb 2048g/712EA6D2 2006-02-21

sec 1024D/5BD5E033 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/ACE9BC3A 2007-02-15

sec 1024D/06F5B3D4 2007-02-15 [expires: 2008-02-20]
uid Andreas Kobara
ssb 2048g/B5A90C83 2007-02-15

As one can see, I have to keys, taht are already expired, and that
I have already created a follow-up key for.
As long as I do not revoke the expired public key, others can still
encrypt mails to me ignoring the expired key,
and I (or someone who has stolen my old secret key) will be able to
still decrypt an expired key encrypted mail.

Usually you should create a revocation certificate for a newly
generated key, to be able to revoke it later, in case it was
stolen, or just expired.
In my case, I will create a revocation certificate now, to revoke
my key from the keyservers.
kobaans-computer:~ kobaan$
gpg –gen-revoke 9DC0387E

sec 1024D/9DC0387E 2006-02-21 Andreas Kobara (privat)

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 3
Enter an optional description; end it with an empty line:
>
Reason for revocation: Key is no longer used
(No description given)
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: “Andreas Kobara (privat) ”
1024-bit DSA key, ID 9DC0387E, created 2006-02-21

ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory
gets
access to this certificate he can use it to make your key
unusable.
It is smart to print this certificate and store it away, just in
case
your media become unreadable. But have some caution: The print
system of
your machine might store the data and make it available to
others!

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–

Nothing happened so far, you can store your revocation certificate
now, or use it, based on your needs.
Lets check the status of my key before and after revocation:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
pub 1024D/9DC0387E 2006-02-21 [expired: 2007-02-21]
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now import the certificate:
kobaans-computer:~ kobaan$
gpg –import

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.6 (Darwin)
Comment: A revocation certificate should follow

iEkEIBECAAkFAkYZKk0CHQMACgkQSA/XCJ3AOH71eACeO+XLUL2pihKbaK2YkHUj

2kQshtgAn0GXcpByipSaJ6VRwbhch90YKwhk
=ijDs
—–END PGP PUBLIC KEY BLOCK—–
gpg: Total number processed: 1

And check the keyring again:
kobaans-computer:~ kobaan$
gpg –check-sig 9DC0387E
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust
model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f,
2u
gpg: next trustdb check due at 2008-02-20
pub 1024D/9DC0387E 2006-02-21 [revoked: 2007-04-08]
rev! 9DC0387E 2007-04-08 Andreas Kobara (privat)
uid Andreas Kobara (privat)
sig!3 9DC0387E 2006-05-07 Andreas Kobara (privat)
sig!3 9DC0387E 2006-02-21 Andreas Kobara (privat)

Now it shows “revoked”.

We can now publish this key back to the keyservers to tell everyone
that this key is not any longer valid for signing and
encryption.
kobaans-computer:~ kobaan$
gpg –send-key 9DC0387E
gpg: sending key 9DC0387E to hkp server
subkeys.pgp.net

Although, as long as I do not delete this key from my own secret
keyring, it will be always posible to open very old mail archives
which used that old key.

Useful for someone ? Winking

Archive, Games

Sam Triggy – A Real Triple GuitarHero

Just wanted to share one of my latest
discoveries on youtube.Sam Triggy from
Malaysia, doesn’t play guitar…
…he does not play two guitars…
…no, he plays three guitars, at the same time.

Man, he’s a real pro. Enjoy Take 5 and Autumn Leaves performed by
Sam Triggy alone,
with his 3 e-guitars.

And one more video to give you an impression of his ability to play
different style music too.

This one is inspired by Jimi Hendrix:

Feel free to search on youtube for more different styles,
instruments and concertvideos of Sam Triggy.

Archive, Operating System

iTunes Cover Art without iTunesaccount on Intel Macs

If for some reason you don’t want to
use your iTunes account to fetch cover art for your music
collection, maybe this is for you.
fetchart
Aric Friesen has written an iTunes script called Fetch Art to fetch cover art for your songs from
Amazon.
Unfortunately it will only work on powerpc Macs, as it uses some
compiled perl modules which are not yet universal/intel.
Although the author stated that he is willing to build an universal
application if he would get donations (which according to some
guestbook entries, he already received), there is still no updated
application for intel Macs available, and the application will
crash, when it comes to downloading the cover art.”holy me”

Now don’t panic….
…so what we need to do is to call the perl module in Rosetta
mode.

What calls the perl module ?
– Perl.

Lets check perl:
kobaans-computer: kobaan$
which perl
/usr/bin/perl

kobaans-computer: kobaan$ file /usr/bin/perl
/usr/bin/perl: Mach-O universal binary with 2 architectures
/usr/bin/perl (for architecture i386): Mach-O executable i386
/usr/bin/perl (for architecture ppc): Mach-O executable
ppc

So, perl, is actually a universal binary, that means an intel
platform Mac will call the intel code natively.
Let’s correct this for the runtime of Fetch Art.

FIRST: make a backup of your original perl binary
kobaans-computer: kobaan$
sudo cp /usr/bin/perl /Users/kobaan/perl

SECOND: strip the intel code from the perl binary
kobaans-computer: kobaan$
sudo lipo -remove i386 /usr/bin/perl -o
/Users/kobaan/perl-ppc

THIRD: copy the stripped ppc-only binary of perl over the original
“location” of perl
kobaans-computer: kobaan$
sudo cp /Users/kobaan/perl-ppc /usr/bin/perl

What have we done:
kobaans-computer: kobaan$
file /usr/bin/perl
/usr/bin/perl: Mach-O universal binary with 1 architecture
/usr/bin/perl (for architecture ppc): Mach-O executable
ppc

What will happen if we call the Fetch Art script from within iTunes now….
… select your files, (choose your amazon store in preferences), and fetch the cover
art,
WOOOO its working using Rosetta, not fast, but working.

NOW, THE IMPORTANT LAST THING TO DO !!!
After using the script for your collection, quit Fetch Art, and copy back your original “universal” perl
binary.
kobaans-computer: kobaan$
sudo cp /Users/kobaan/perl /usr/bin/perl
Done . Everything back to normal.

Save your donations,
Kobaan.

Archive, Operating System

Switching browser defaultapplications on Mac

Since I had to search a bit hard on
this one, you might be interested in HOW TO CHANGE A DEFAULT
APPLICATION that is called when you open a file within your
browser.I just wanted to click on a link, that proofed to be a
mms-video-stream, to open in my favorite video player VLC, instead it ended up
opening in the rosetta-translated ages old windows media player for
mac. That was simply a no go.

“was”

Searching through various preferences in Mac OS and its
applications, even within Firefox as
it is done on Windows…
…I found this entry (already fixed):

kobaans-computer:~ kobaan$
defaults find mms

Found 1 keys in domain ‘com.apple.LaunchServices’: {
LSHandlers = (
{LSHandlerRoleAll = “org.videolan.vlc”; LSHandlerURLScheme = mms;
}

Since modifying plist files can be tricky for some people (not
using developer tools, or being familiar with “vi” and/or
“defaults” class syntax) I found that great application (actually a
preferences panel) called RCDefaultApp, which can be used to change and inspect
almost every file/mime/uri/… handling on Mac OS easily.

Enjoy.
Kobaan.